From: deraadt Date: Sun, 5 Jan 2014 01:56:52 +0000 (+0000) Subject: Like upgrade, use feed_random right after mounting filesystems. This X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=7850262de0619c479207b27f74caf27c3de50dc0;p=openbsd Like upgrade, use feed_random right after mounting filesystems. This is less than ideal. We hope the kernel has good entropy already, because this is a reinstall?? Or maybe the ftp server startup has run to completion? Or if this is an autoinstall, that config has enough unique in it? This needs more work, but the existing late-entropy feed sequence is worse. discussed at length with rpe, who tested it --- diff --git a/distrib/miniroot/install.sh b/distrib/miniroot/install.sh index c83cd9ba309..5c8b8783129 100644 --- a/distrib/miniroot/install.sh +++ b/distrib/miniroot/install.sh @@ -1,5 +1,5 @@ #!/bin/ksh -# $OpenBSD: install.sh,v 1.239 2013/12/18 08:04:16 halex Exp $ +# $OpenBSD: install.sh,v 1.240 2014/01/05 01:56:52 deraadt Exp $ # $NetBSD: install.sh,v 1.5.2.8 1996/08/27 18:15:05 gwr Exp $ # # Copyright (c) 1997-2009 Todd Miller, Theo de Raadt, Ken Westerback @@ -192,6 +192,8 @@ done >>/tmp/fstab munge_fstab mount_fs "-o async" +feed_random + install_sets # If we did not succeed at setting TZ yet, we try again @@ -270,16 +272,6 @@ _f=dhclient.conf [[ -f $_f && -s $_f ]] && mv $_f /mnt/etc/. done) -# Feed the random pool some junk before we read from it -(dmesg; cat $SERVERLISTALL /*.conf; sysctl; route -n show; df; - ifconfig -A; hostname) >/mnt/dev/arandom 2>&1 - -echo -n "done.\nGenerating initial host.random file..." -dd if=/mnt/dev/arandom of=/mnt/var/db/host.random \ - bs=65536 count=1 >/dev/null 2>&1 -chmod 600 /mnt/var/db/host.random >/dev/null 2>&1 -echo "done." - apply if [[ -n $user ]]; then
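Review bot: In the `@@ -192,6 +192,8 @@` hunk, the new `feed_random` call between `mount_fs "-o async"` and `install_sets` carries no comment, and its definition is not part of this diff, so a reader of install.sh cannot tell what is fed to the pool at this point or why the call has to sit directly after the mount. The commit message itself calls the placement "less than ideal" and says it "needs more work". A one- or two-line comment above the call recording that caveat (the kernel's entropy at this stage is only hoped to be good) would keep it in the script instead of only in the log.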
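Review bot: In the `@@ -270,16 +272,6 @@` hunk, the removed block did more than feed the pool: it also wrote `/mnt/var/db/host.random` with `dd` (one 65536-byte block) and ran `chmod 600` on it, and nothing in the visible lines replaces that. Please confirm that `feed_random`, which is defined outside this diff, still creates the seed file with the same restrictive mode, or keep the `dd` and `chmod 600` lines here. The removed `echo -n "done.\nGenerating initial host.random file..."` also began by printing "done." for a progress message opened earlier in the script, so check that the earlier message is still terminated once this block is gone.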